hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
614d313690580aba87bb1facb4fbc29e4e2e1a40
bashbunny-payloads/payloads/library/credentials/ProcDumpBunny/README.md
0iphor13 2b489f864c Update README.md
2022-01-25 19:16:31 +01:00

22 lines
907 B
Markdown
Raw Blame History

**Title: ProcDumpBunny**
Author: 0iphor13
Version: 1.0
What is ProcDumpBunny?
#
*It is simple - using a renamed version of procdump - you are able to dump hashes from lsass.exe*
#
**Instruction:**
Download ProcDump from Microsoft - https://docs.microsoft.com/en-us/sysinternals/downloads/procdump - rename the Executeable to Bunny.exe
![alt text](https://github.com/0iphor13/bashbunny-payloads/blob/master/payloads/library/credentials/ProcDumpBunny/Screenshot%20(38).png)
Place Bunny.exe in the same payload switch as your payload
![alt text](https://github.com/0iphor13/bashbunny-payloads/blob/master/payloads/library/credentials/ProcDumpBunny/Screenshot%20(37).png)
#
Plug in BashBunny.
Exfiltrate the out.dmp file and read it with Mimikatz.
![alt text](https://github.com/0iphor13/bashbunny-payloads/blob/master/payloads/library/credentials/ProcDumpBunny/Screenshot%20(39).png)
Reference in New Issue View Git Blame Copy Permalink